// © 2009 Microsoft Corporation.  All rights reserved.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.SessionState;
using Microsoft.InformationSecurity.CISF.Security.Principal;
using System.IO;
using System.Configuration;
using Microsoft.InformationSecurity.RiskManagement.ISRMWeb.Common;

namespace Microsoft.InformationSecurity.RiskManagement.ISRMWeb
{
    public class Global : System.Web.HttpApplication
    {

        protected void Application_Start(object sender, EventArgs e)
        {

        }

        protected void Session_Start(object sender, EventArgs e)
        {

        }

        protected void Application_BeginRequest(object sender, EventArgs e)
        {

        }

        protected void Application_AuthenticateRequest(object sender, EventArgs e)
        {

        }

        protected void Application_AuthorizeRequest(object sender, EventArgs e)
        {
            CISFPrincipal principal = SaveAndReturnUserPrincipal();
            Context.User = principal;
        }

        protected void Application_PostAcquireRequestState(object sender, EventArgs e)
        {

        }

        protected void Application_Error(object sender, EventArgs e)
        {

        }

        protected void Session_End(object sender, EventArgs e)
        {

        }

        protected void Application_End(object sender, EventArgs e)
        {

        }

        private CISFPrincipal SaveAndReturnUserPrincipal()
        {
            CISFPrincipal principal = null;
            int timeoutMinutes;
            try
            {
                if (Application[User.Identity.Name + "AuthZData"] != null)
                {
                    principal = (CISFPrincipal)Application[User.Identity.Name + "AuthZData"];
                    timeoutMinutes = int.Parse(ConfigurationManager.AppSettings["UserLoginCacheTimeoutMinutes"]);

                    if (principal.Elapsed.Minutes > timeoutMinutes)
                    {
                        principal = new CISFPrincipal(User.Identity, GetUserInfo(Utility.GetUsername(true)));
                        Application[User.Identity.Name + "AuthZData"] = principal;
                    }
                }
                else
                {
                    principal = new CISFPrincipal(User.Identity, GetUserInfo(Utility.GetUsername(true)));
                    Application[User.Identity.Name + "AuthZData"] = principal;
                }
            }
            catch { }            
            return principal;
        }

        /// <summary>
        /// 
        /// </summary>
        /// <param name="name">User name in the form of Domain\Username</param>
        /// <returns></returns>
        private Microsoft.InformationSecurity.CISF.Security.AuthZServices.User GetUserInfo(string name)
        {
            AuthZService.AuthZServiceClient authzClient = new AuthZService.AuthZServiceClient();
            Microsoft.InformationSecurity.CISF.Security.AuthZServices.User user = authzClient.GetUserInformation(name);
            authzClient.Close();

            return user;
        }
    }
}